Set iv statically - Githubissues

clearhaus / aes256gcm_decrypt

Decrypt AES256GCM-encrypted data in Apple Pay Payment Tokens.

MIT License

10 stars 1 forks source link

Set iv statically #2

Closed ct-clearhaus closed 6 years ago

ct-clearhaus commented 6 years ago

Suggestion:

diff --git a/ext/aes256gcm_decrypt/aes256gcm_decrypt.c b/ext/aes256gcm_decrypt/aes256gcm_decrypt.c
index 842a0bc..e0db8fd 100644
--- a/ext/aes256gcm_decrypt/aes256gcm_decrypt.c
+++ b/ext/aes256gcm_decrypt/aes256gcm_decrypt.c
@@ -25,10 +25,7 @@ VALUE method_aes256gcm_decrypt_decrypt(VALUE self, VALUE rb_ciphertext, VALUE rb
   memcpy(key, StringValuePtr(rb_key), key_len);

   unsigned int iv_len = 16;
-  unsigned char *iv = calloc(iv_len, sizeof(unsigned char));
-  for (int i = 0; i < iv_len; i++) {
-    iv[i] = '\0';
-  }
+  unsigned char *iv = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";

   unsigned int plaintext_len, len;
   unsigned char *plaintext = calloc(ciphertext_len * 2, sizeof(unsigned char));

WDYT?

mt-clearhaus commented 6 years ago

:+1:

This is a part of https://github.com/clearhaus/aes256gcm_decrypt/pull/5 .

I am torn between

unsigned char iv[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";

and

unsigned char iv[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

So far I have chosen the latter, as it is not null/NUL terminated, i.e. sizeof(iv) is 16. All other "strings" thrown around in the C code are not null/NUL terminated due to binary contents. It is just a matter of bikeshedding :slightly_smiling_face: